New in version 1.7.8

December 2nd, 2014

Change: now the "If-Modified-Since", "If-Range", etc. client request header lines are passed to a backend while caching if nginx knows in advance that the response will not be cached (e.g., when using proxy_cache_min_uses).

Change: now after proxy_cache_lock_timeout nginx sends a request to a backend with caching disabled; the new directives "proxy_cache_lock_age", "fastcgi_cache_lock_age", "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time after which the lock will be released and another attempt to cache a response will be made.

Change: the "log_format" directive can now be used only at http level.

Bugfix: in the "ssl_password_file" directive when using OpenSSL 0.9.8zc, 1.0.0o, 1.0.1j.

Bugfix: alerts "header already sent" appeared in logs if the "post_action" directive was used; the bug had appeared in 1.5.4.

Bugfix: alerts "the http output chain is empty" might appear in logs if the "postpone_output 0" directive was used with SSI includes.

Bugfix: in the "proxy_cache_lock" directive with SSI subrequests. Thanks to Yichun Zhang.

New in version 1.6.2 (September 16th, 2014)

Security: it was possible to reuse SSL sessions in unrelated contexts if a shared SSL session cache or the same TLS session ticket key was used for multiple "server" blocks (CVE-2014-3616). Thanks to Antoine Delignat-Lavaud.

Bugfix: requests might hang if resolver was used and a DNS server returned a malformed response; the bug had appeared in 1.5.8.

Bugfix: requests might hang if resolver was used and a timeout occurred during a DNS request.

New in version 1.6.1 (August 5th, 2014)

Security: pipelined commands were not discarded after STARTTLS command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6. Thanks to Chris Boulton.

Bugfix: in the "none" parameter in the "smtp_auth" directive; the bug had appeared in 1.5.6. Thanks to Svyatoslav Nikolsky.

New in version 1.6.0 (April 24th, 2014)

This stable version incorporates many new features from the 1.5.x mainline branch - including various SSL improvements, SPDY 3.1 support, cache revalidation with conditional requests, auth request module and more.